F5 BIG-IP Container Ingress Services
cpe:2.3:a:f5:big-ip_container_ingress_services:*:*:*:*:*:*:*
- >= 2.0.0, <= 2.20.1
- >= 1.0.0, <= 1.14.0
A vulnerability in F5 BIG-IP Container Ingress Services for Kubernetes and OpenShift, specifically in versions 2.0.0 through 2.20.1 and 1.0.0 through 1.14.0, may grant excessive permissions to read cluster secrets. This issue affects the control plane only, with no exposure on the data plane.
A remote, authenticated attacker with high privilege access to BIG-IP Container Ingress Services could read cluster secrets, potentially leading to unauthorized access or manipulation of sensitive information within the cluster.
Users can upgrade to BIG-IP Container Ingress Services versions 2.20.2 or 1.14.1 to address this vulnerability. For version 2.20.1, Helm version 0.0.36 can be used to install the update. To mitigate the vulnerability without upgrading, permissions can be narrowed down to specific resources and namespaces as needed.
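The mitigation above comes down to where the secret-read grant is bound. The following check is an added example, not F5's code or the shipped RBAC manifests: it reports whether a set of RBAC objects grants secret reads cluster-wide or only in named namespaces. All object names, the `app-a` namespace and the service account are hypothetical, and the manifests are constructed samples.

```python
# Added example: constructed manifests as Python dicts; all names are hypothetical.
READ_VERBS = {"get", "list", "watch", "*"}

def grants_secret_read(rule):
    """True if an RBAC rule allows reading core-group Secrets."""
    return (any(g in ("", "*") for g in rule.get("apiGroups", []))
            and any(r in ("secrets", "*") for r in rule.get("resources", []))
            and bool(READ_VERBS & set(rule.get("verbs", []))))

def secret_read_scopes(manifests):
    """Return sorted (binding name, scope) pairs for bindings whose role can read Secrets."""
    roles = {}
    for m in manifests:
        if m["kind"] in ("Role", "ClusterRole"):
            ns = m["metadata"].get("namespace") if m["kind"] == "Role" else None
            roles[(m["kind"], m["metadata"]["name"], ns)] = m.get("rules", [])
    findings = []
    for m in manifests:
        if m["kind"] not in ("RoleBinding", "ClusterRoleBinding"):
            continue
        # A RoleBinding confines the grant to its own namespace, even for a ClusterRole.
        bind_ns = m["metadata"].get("namespace") if m["kind"] == "RoleBinding" else None
        ref = m["roleRef"]
        role_ns = bind_ns if ref["kind"] == "Role" else None
        rules = roles.get((ref["kind"], ref["name"], role_ns), [])
        if any(grants_secret_read(r) for r in rules):
            scope = "cluster-wide" if bind_ns is None else "namespace:" + bind_ns
            findings.append((m["metadata"]["name"], scope))
    return sorted(findings)

SECRET_RULE = {"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list", "watch"]}
SUBJECT = [{"kind": "ServiceAccount", "name": "example-ingress-sa", "namespace": "kube-system"}]

BROAD = [  # secret read granted in every namespace
    {"kind": "ClusterRole", "metadata": {"name": "example-ingress"}, "rules": [SECRET_RULE]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "example-ingress-all"},
     "roleRef": {"kind": "ClusterRole", "name": "example-ingress"}, "subjects": SUBJECT},
]
NARROWED = [  # same rule, but only in the namespace the controller serves
    {"kind": "Role", "metadata": {"name": "example-ingress", "namespace": "app-a"},
     "rules": [SECRET_RULE]},
    {"kind": "RoleBinding", "metadata": {"name": "example-ingress-app-a", "namespace": "app-a"},
     "roleRef": {"kind": "Role", "name": "example-ingress"}, "subjects": SUBJECT},
]

if __name__ == "__main__":
    for label, docs in (("broad", BROAD), ("narrowed", NARROWED)):
        print(label, secret_read_scopes(docs))
```

A `cluster-wide` result for the controller's service account is the condition to remove; after narrowing, every finding should name a namespace the controller actually serves.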